An ‘iceberg’ of unseen crimes: Many cyberoffenses go unreported

Gabriella Demczuk / The New York Times

A secure room that blocks phone signals at the Computer Forensics Department of the Public Safety Headquarters in Fairfax, Va., Feb. 2, 2018. The country’s crime classification system is antiquated. Police commanders struggle with no data on an array of technology-based crimes.

By Al Baker, New York Times News Service

Tuesday, Feb. 6, 2018 | 2 a.m.

Utah’s chief law enforcement officer was deep in the fight against opioids when he realized that a lack of data on internet sales of Fentanyl was hindering investigations. So the officer, Keith D. Squires, the state’s public safety commissioner, created a team of analysts to track and chronicle online distribution patterns of the drug.

In Philadelphia, hidebound ways of confronting iPhone thefts let thrive illicit networks to distribute stolen cellphones. Detectives treated each robbery as an unrelated street crime — known as “apple picking” — rather than a vast scheme with connected channels used by thieves to sell the stolen phones.

And in Nashville, investigators had no meaningful statistics on a nasty new swindle of the digital age: The “cheating husband” email scheme. In it, anonymous extortionists mass email large numbers of men, threatening to unmask their infidelities. The extortionists have no idea if the men have done anything wrong, but enough of them are guilty, it turns out, that some pay up, sometimes with bitcoin.

Each case demonstrates how the tools used to fight crime and measure crime trends in the United States are outdated. Even as certain kinds of crimes are declining, others are increasing — yet because so many occur online and have no geographic borders, local police departments face new challenges not only fighting them, but keeping track of them. Politicians often tout crime declines without acknowledging the rise of new cybercrimes.

Detectives only learned of the “cheating husband” scheme from faithful spouses who were not victims. The crime did not fit into any existing category, and since police had made no arrests, they had no statistics to feed to a national crime database in Washington that can prepare other jurisdictions for the scheme.

Many of the offenses are not even counted when major crimes around the nation are tallied. Among them: identity theft; sexual exploitation; ransomware attacks; Fentanyl purchases over the Dark Web; human trafficking for sex or labor; revenge porn; credit-card fraud; child exploitation; and gift or credit-card schemes that gangs use to raise cash for their traditional operations or vendettas.

In a sense, technology has created an extraordinary moment for industrious criminals, increasing profits without the risk of street violence. Digital villainy can be launched from faraway states, or countries, eliminating physical threats police traditionally confront. Cyberperpetrators remain unknown. Law enforcement officials, meanwhile, ask themselves: Who owns their crimes? Who must investigate them? What are the specific violations? Who are the victims? How can we prevent it?

The rise of the crimes flies in the face of the proclamations of politicians who declare crime an all but defeated societal ill.

“You have to go back to the 1950s to see crime this low,” Mayor Bill de Blasio, New York City’s second-term Democratic mayor, said recently on MSNBC’s “Morning Joe.” His comments reflected last year’s historically low numbers of murders and shootings, burglaries, robberies and auto thefts — offenses measured by the police CompStat tracking program.

But to many criminologists, academics and law enforcement leaders, crimes like car theft are anachronisms in a modern era in which the internet’s virtual superhighways have supplanted brick-and-mortar streets as the scenes for muggings, prostitution rings or commercial burglaries. They see dips in traditional violence and larceny as offset by a twin phenomenon: A surge in the evolving crimes of the digital era, and the fact that they are not fully captured in law enforcement’s reporting systems.

“It’s the old iceberg metaphor,” said Nola Joyce, a former deputy commissioner of Philadelphia’s police department. “What we know about is above the surface. But in terms of value, and in terms of harm, a lot of that crime is below the surface.”

“There’s an old saying that came out of the Vietnam War,” she added, “that said, `If you can’t measure what matters, what you measure matters a great deal.”

Joyce is working with others on a panel of the National Academies of Sciences, Engineering, and Medicine, to modernize local and federal crime-classification systems.

New solutions are a priority, too, for the Federal Bureau of Investigation and progressive police commanders. They say that without timely, accurate data on crime, criminal justice leaders cannot see and respond coherently to national trends or make informed policy and spending decisions or tailor deployment strategies to best battle them.

As Chuck Wexler, executive director of the Police Executive Research Forum, a Washington-based research group that has studied the issue, put it: “The problem is, to use an overused expression, `You don’t know what you don’t know,’ and by that I mean we don’t know the extent of these incidents in our communities or from a national perspective.”

Indeed, an Internet Crime Complaint Center established by the FBI in 2000, to capture internet crime, received 298,728 complaints in 2016, reflecting $1.3 billion in combined losses, according to a new report by Wexler’s group. But Donna Gregory, the head of the center, said that number of complaints only represented about 10 to 12 percent of all estimated cybercrime victims in the United States in 2016, and a fraction of all victims worldwide. In fact, a single category of internet crime — identify theft — generated $15.4 billion in losses in 2014, according to a crime victimization survey by the federal Bureau of Justice Statistics.

In its report, Wexler’s group said its findings represented a wake-up call for the nation’s 18,000 policing agencies facing an increase in technology-based crimes, that sprawl across jurisdictions, and recommended they fight back with similar tools by: developing their own digital expertise; hiring civilian analysts; mining technology, to help solve crime; encouraging banks to forward reports of theft rather write off their losses.

It is an issue that dates back to 1929, when the FBI first rolled out its Uniform Crime Reporting system that still stands today. Designed as a summary count, it mainly tracks a handful of Part One index crimes: murder, rape, robbery, assault, burglary, grand larceny, arson and auto theft. The counts include only the top charge in a given episode.

In the 1980s, the FBI, with Bureau of Justice Statistics, tried to improve the reporting by building the National Incident-Based Reporting System to capture deeper levels of data across more categories. It created, for instance, “crimes against a person” which includes: assault, murder, kidnapping, abduction and sexual offenses. Each act is counted separately, within an incident or a crime that encompasses several criminal elements.

But 40 years later, data collection is still haphazard as policing agencies that protect just 31 percent of the country’s population volunteer to abide by the deeper reporting standards. (An example: There is no national database of police officers’ use of deadly physical force.) Still, the FBI is charging forward, vowing to move fully to its 1980s-era vision by 2021. Only last year did it began collecting data on two new offenses in its fraud category: hacking/computer invasion and identify theft.

“Crime data reporting — in its current state — is not collecting the right information to understand and analyze current events,” Stephen G. Fischer Jr., an FBI spokesman, said. “Today’s information age has changed how we see the world and what the world expects from policing.”

The panel of the National Academy of Sciences is looking past the FBI’s unmet goals — which it sees as one component of a new approach. The panel wants a fresh system for understanding the nature and extent of crime today, said Janet L. Lauritsen, the panel’s chair and a criminology professor at the University of Missouri.

It envisions a format modeled in part, on an international framework organized by the United Nations that would reflect 11 prime categories of crime and 189 sublevels, including many that “are just not even part of the national conversation on crime,” Lauritsen said. It would, for instance, capture reports from federal agencies, she said, that have never reported crime data to the FBI, “even though there is actually a law on the books,” the Uniform Federal Crime Reporting Act, from 1988, that compels it.

Better data foster transparency, which can build trust with civilians even if it yields statical crime increases, said Col. Edwin C. Roessler Jr., police chief in Fairfax County, Virginia, who is the FBI director’s chairman for converting policing to a new crime classification system. Data offer the evidence to lobby government for more money or better laws, he said. In fact, when Roessler demonstrated how each gang homicide, on average, required 25 search warrants for “cyberdata, cellphones and other social media,” it helped win financing for a new Cyber Bureau and new “cyber experts” to work gang cases and build meaningful statistics and intelligence.

“We’ve got gaps here, where we’re not catching the root causes of all kinds of criminal activity,” the colonel said, a flaw with real-life consequences.

So too, for Magnus, in Tucson, who sees the lack of modern-day crime classification as, “one of our biggest frustrations.” Leading a force of 850 officers, patrolling 300-square-miles, lapses in accurate statistics on property crime, fraud, human trafficking and digital crime hurts his ability to deploy thin resources.

“Once you get into Cyberspace,” he said, “data about anything is so limited that it’s really, really hard to figure out even what might be happening locally that impacts that crime.”